πΊπΈ
TPI-Abuse
2026-07-18 13:54:34
(5 hours ago)
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 09:54:30.344754 2026] [security2:error] [pid 9830:tid 9830] [client 102.179.45.78:60290] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.45.78 (+1 hits since last alert)|nolaanime.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nolaanime.com"] [uri "/xmlrpc.php"] [unique_id "aluFlnFSmIRk1FksWZu3fwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-17 12:16:08
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 08:16:01.828527 2026] [security2:error] [pid 16007:tid 16007] [client 102.179.45.78:55899] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.45.78 (+1 hits since last alert)|birdlovesfish.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "birdlovesfish.com"] [uri "/xmlrpc.php"] [unique_id "alodAWgHRkY69ZeVBcTOXAAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
n2nguyenn2nguyen
2026-07-16 15:25:13
(2 days ago)
Blocked by YFC Security on https://brixzly.com β type: xmlrpc_attempts
Brute-Force
Web App Attack
Anonymous
2026-07-16 13:42:22
(2 days ago)
[redacted] 102.179.45.78 - - [16/Jul/2026:15:41:40 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "W ...
show more
[redacted] 102.179.45.78 - - [16/Jul/2026:15:41:40 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "WordPress.com; https://wordpress.com"
[redacted] 102.179.45.78 - - [16/Jul/2026:15:41:50 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "WordPress.com; https://wordpress.com"
[redacted] 102.179.45.78 - - [16/Jul/2026:15:42:00 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)"
[redacted] 102.179.45.78 - - [16/Jul/2026:15:42:11 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Jetpack/12.0; WordPress/6.4; http://site53955969.com"
[redacted] 102.179.45.78 - - [16/Jul/2026:15:42:22 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 13:53:28
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 09:53:24.818935 2026] [security2:error] [pid 30461:tid 30461] [client 102.179.45.78:51010] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.45.78 (+1 hits since last alert)|cnphilos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cnphilos.com"] [uri "/xmlrpc.php"] [unique_id "alY_VM0KVTxDd1jLHmTa4QAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 12:22:48
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 08:22:44.885863 2026] [security2:error] [pid 15022:tid 15022] [client 102.179.45.78:55577] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.45.78 (+1 hits since last alert)|portlunchgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "portlunchgroup.com"] [uri "/xmlrpc.php"] [unique_id "alYqFJk2jBa3nKLGihblngAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
Apache
2026-07-14 11:53:47
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (BF/Burkina Faso/-): 5 in the las ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (BF/Burkina Faso/-): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
π«π·
applemooz
2026-07-11 11:00:34
(1 week ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
π¦πΊ
screwlooseit.com.au
2026-07-09 15:54:43
(1 week ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
BF/Burkina Faso/-
Web App Attack
π³π±
wlt-blocker
2026-07-09 15:45:30
(1 week ago)
Unauthorized access to webpage admin
Web App Attack
πͺπΈ
masterguru
2026-07-09 14:41:45
(1 week ago)
(xmlrpc) Failed xmlrpc access from 102.179.45.78 (BF/Burkina Faso/-): 5 in the last 3600 secs (0-122 ...
show more
(xmlrpc) Failed xmlrpc access from 102.179.45.78 (BF/Burkina Faso/-): 5 in the last 3600 secs (0-122)
show less
Hacking
πΊπΈ
TPI-Abuse
2026-07-09 14:13:18
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 10:13:10.595534 2026] [security2:error] [pid 20541:tid 20541] [client 102.179.45.78:59123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.45.78 (+1 hits since last alert)|415test.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "415test.com"] [uri "/xmlrpc.php"] [unique_id "ak-sdlwC4H7kfFqlT3dhcQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 12:24:47
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 08:24:42.877024 2026] [security2:error] [pid 22638:tid 22638] [client 102.179.45.78:59213] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.45.78 (+1 hits since last alert)|cuulphotos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cuulphotos.com"] [uri "/xmlrpc.php"] [unique_id "akzwCulgGj5YHLuGMvU69gAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-06 15:32:20
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.45.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 11:32:14.478887 2026] [security2:error] [pid 20323:tid 20339] [client 102.179.45.78:62285] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.45.78 (+1 hits since last alert)|travelusa.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "travelusa.us"] [uri "/xmlrpc.php"] [unique_id "akvKfuVssTf_qGvCnr5e-QAAAUs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-07-06 15:28:36
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack